Misbehaving CustomLog logger causing local denial-of-service, intended behaviour?

Hello,

 

I’ve encountered an interesting local DOS issue on Apache 2.4.48, and I am not sure whether this is intended behavior.

 

Symptom:

- Apache2 hangs indefinitely (stops processing incoming requests)

 

Setup:

- Apache 2.4.48 built from source, running on Debian 10

- A dummy CustomLog program that does not consume stdin

 

An example of a directive causing the issue:

CustomLog "|/tmp/logger.py" combined

OR

CustomLog "|$/tmp/logger.py" combined

 

To reproduce the issue, simply configure CustomLog as above where the target logger is a dummy executable that does not consume stdin. After this, generate enough requests to hang the server (in my case around 700-800, but this depends on what the log format is and probably other directives too). Apache then stops processing any incoming requests. I am not entirely sure about the root cause of the issue, but I believe Apache wants to write to the stdin buffer of the target logger, and since it is full, it will try to wait until there is space. Since the logger is not consuming the stdin, this causes Apache to hang indefinitely.

 

Is this intended behaviour? If so, are there any ways to mitigate the issue by changing the Apache / OS configuration?

The logger that is actually used is not a dummy program, but unfortunately has similar behaviour (full buffers) under heavy load.

 

Best regards,

Olli
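
Added example, not part of the original post and not Apache code: it shows the general pipe behaviour the post describes, where a pipe whose read end is never drained accepts only a bounded number of log lines, while a reader that keeps consuming lets a blocking writer finish. The sample log line and both function names are constructed for illustration.

```python
import os
import threading

# Constructed sample entry in Apache "combined" format (not from the original post).
SAMPLE = (b'203.0.113.7 - - [10/Jul/2021:12:00:00 +0000] '
          b'"GET /index.html HTTP/1.1" 200 512 "-" "curl/7.64.0"\n')

def lines_until_pipe_full(line=SAMPLE):
    """Count whole lines a pipe accepts when nothing reads the other end."""
    r, w = os.pipe()
    os.set_blocking(w, False)  # get EAGAIN where a blocking writer would stall
    count = 0
    try:
        while True:
            os.write(w, line)  # writes <= PIPE_BUF are all-or-nothing
            count += 1
    except BlockingIOError:
        return count
    finally:
        os.close(r)
        os.close(w)

def lines_with_draining_reader(n, line=SAMPLE):
    """Blocking writer sends n lines while a reader thread drains the pipe."""
    r, w = os.pipe()
    received = []

    def drain():
        total = 0
        while chunk := os.read(r, 65536):
            total += chunk.count(b"\n")
        received.append(total)

    t = threading.Thread(target=drain)
    t.start()
    for _ in range(n):
        os.write(w, line)  # blocks briefly when full, resumes as reader drains
    os.close(w)            # EOF for the reader
    t.join()
    os.close(r)
    return received[0]

if __name__ == "__main__":
    full = lines_until_pipe_full()
    print(f"undrained pipe stalled after {full} lines ({full * len(SAMPLE)} bytes)")
    print(f"drained pipe delivered {lines_with_draining_reader(full * 3)} lines")
```

The number of lines that fit depends on the operating system's pipe buffer size and on the length of each log line.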

